PUBLICATION

Operational Value of Indicators of Compromise White Paper

Revision Date

July 14, 2021

Related topics:

Cybersecurity Best Practices, Critical Infrastructure Security and Resilience

Most organizations prioritize processing internal information over processing and acting on external Indicators of Compromise (IOCs) feeds. There is a significant debate in the cybersecurity community as to what operational value some IOCs provide to organizations, since threat actors can and do change IOCs routinely to avoid detection. During the State, Local, Tribal, and Territorial IOC Automation Pilot, Johns Hopkins Applied Physics Laboratory discovered that the right question is not if IOCs are operationally valuable, but when.

Operational Value of Indicators of Compromise White Paper

Resource Materials

Tags

Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society

Secure by Design Alert: Eliminating Directory Traversal Vulnerabilities in Software

Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity

CDM Data Model Document 4.1.1

Operational Value of Indicators of Compromise White Paper

Resource Materials

Tags

Related Resources

Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society

Secure by Design Alert: Eliminating Directory Traversal Vulnerabilities in Software

Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity

CDM Data Model Document 4.1.1